﻿namespace Contoso.ActiveDirectory {

    #region Usings
    using System;
    using System.DirectoryServices;
    #endregion

    /// <summary>
    /// Capabilities that a domain controller may advertise in response to NLTEST, an LDAP ping, or NETLOGON request
    /// </summary>
    [Flags]
    public enum DCFlags : uint {

        /// <summary>
        /// FP (DS_PDC_FLAG, 0x00000001): The server holds the PDC FSMO role 
        /// </summary>
        DS_PDC_FLAG = 0x00000001,

        /// <summary>
        /// FG (DS_GC_FLAG, 0x00000004): The server is a GC server and will accept and process 
        /// messages directed to it on the global catalog ports
        /// </summary>
        DS_GC_FLAG = 0x00000004,

        /// <summary>
        /// FL (DS_LDAP_FLAG, 0x00000008): The server is an LDAP server.
        /// </summary>
        DS_LDAP_FLAG = 0x00000008,

        /// <summary>
        /// FD (DS_DS_FLAG, 0x00000010): The server is a DC. 
        /// </summary>
        DS_DS_FLAG = 0x00000010,

        /// <summary>
        /// FK (DS_KDC_FLAG, 0x00000020): The server is running the Kerberos Key Distribution Center service.
        /// </summary>
        DS_KDC_FLAG = 0x00000020,

        /// <summary>
        /// FT (DS_TIMESERV_FLAG, 0x00000040): The Win32 Time Service is present on the server.
        /// </summary>
        DS_TIMESERV_FLAG = 0x00000040,

        /// <summary>
        /// FC (DS_CLOSEST_FLAG, 0x00000080): The server is in the same site as the client. 
        /// This is a hint to the client that it is well-connected to the server in terms of speed.
        /// </summary>
        DS_CLOSEST_FLAG = 0x00000080,

        /// <summary>
        /// FW (DS_WRITABLE_FLAG, 0x00000100): Indicates that the server is not an RODC. 
        /// All NC replicas hosted on an RODC do not accept originating updates.
        /// </summary>
        DS_WRITABLE_FLAG = 0x00000100,

        /// <summary>
        /// FGT (DS_GOOD_TIMESERV_FLAG, 0x00000200): The server is a reliable time server.
        /// </summary>
        DS_GOOD_TIMESERV_FLAG = 0x00000200,

        /// <summary>
        /// FN (DS_NDNC_FLAG, 0x00000400): The NC is an application NC.
        /// </summary>
        DS_NDNC_FLAG = 0x00000400,

        /// <summary>
        /// FSS (DS_SELECT_SECRET_DOMAIN_6_FLAG, 0x00000800): The server is an RODC.
        /// </summary>
        DS_SELECT_SECRET_DOMAIN_6_FLAG = 0x00000800,

        /// <summary>
        /// FFS (DS_FULL_SECRET_DOMAIN_6_FLAG, 0x00001000): The server is a writable DC, not Windows 2000/2003
        /// </summary>
        DS_FULL_SECRET_DOMAIN_6_FLAG = 0x00001000,

        /// <summary>
        /// FWS (DS_WS_FLAG, 0x00002000): The Active Directory Web Service, as specified in [MSADDM], is present on the server.
        /// </summary>
        DS_WS_FLAG = 0x00002000,

        /// <summary>
        /// FW8 (DS_DS_8_FLAG, 0x00004000): The server is not running Windows 2000/2003/2008/2008 R2
        /// </summary>
        DS_DS_8_FLAG = 0x00004000,

        /// <summary>
        /// FW9 (DS_DS_9_FLAG, 0x00008000): The server is not running Windows 2000/2003/2008/2008 R2/2012 
        /// </summary>
        DS_DS_9_FLAG = 0x00008000,

        /// <summary>
        /// FDNS (DS_DNS_CONTROLLER_FLAG, 0x20000000): The server has a DNS name.
        /// </summary>
        DS_DNS_CONTROLLER_FLAG = 0x20000000,

        /// <summary>
        /// FDM (DS_DNS_DOMAIN_FLAG, 0x40000000): The NC is a default NC.
        /// </summary>
        DS_DNS_DOMAIN_FLAG = 0x40000000,

        /// <summary>
        /// FF (DS_DNS_FOREST_FLAG, 0x80000000): The NC is the forest root.
        /// </summary>
        DS_DNS_FOREST_FLAG = 0x80000000

    }

    /// <summary>
    /// Bit flag that represents different categories of special characters and 
    /// whether they should be escaped when the DN is displayed as a string.
    /// </summary>
    [Flags]
    public enum EscapeChars {
        /// <summary>
        /// No special characters will be escaped.
        /// </summary>
        None = 0,
        /// <summary>
        /// Characters lower than ascii 32, such as tab and linefeed
        /// </summary>
        ControlChars = 1,
        /// <summary>
        /// The disinguished name special characters ',', '=', '+', '<', '>', '#', ';', '\\', '"'
        /// </summary>
        SpecialChars = 2,
        /// <summary>
        /// Any characters >= 128, which are represented as multiple bytes in UTF-8
        /// </summary>
        MultibyteChars = 4
    }

    /// <summary>
    /// Group Attribute Types.  Note that "Any" does not represent valid 
    /// bit positions for a flag enum, and are intended to be used only for coarser granularity
    /// comparisons. Do not use the "Any" flag for bitwise operations.
    /// </summary>
    /// <see also cref="http://msdn2.microsoft.com/en-us/library/ms675935.aspx"/>
    [Flags]
    public enum GroupTypeFlags : uint {
        /// <summary>
        /// Warning: Inappropriate value for a flags enum.  Placeholder used to specify any group.
        /// Do not use this flag for bitwise operations.
        /// </summary>
        Any = 0x00000000,
        /// <summary>
        /// Specifies a group that is created by the system.
        /// </summary>
        BuiltIn = 0x00000001,
        /// <summary>
        /// Specifies a group with global scope.
        /// </summary>
        Global = 0x00000002,
        /// <summary>
        /// Specifies a group with domain local scope.
        /// </summary>
        Local = 0x00000004,
        /// <summary>
        /// Specifies a group with universal scope.
        /// </summary>
        Universal = 0x00000008,
        /// <summary>
        /// Specifies an APP_BASIC group for Windows Server Authorization Manager.
        /// </summary>
        AppBasic = 0x00000010,
        /// <summary>
        /// Specifies an APP_QUERY group fir Windows Server Authorization Manager.
        /// </summary>
        AppQuery = 0x00000020,
        /// <summary>
        /// Specifies a security group. If this flag is not set, then the group is a distribution group.
        /// </summary>
        SecurityEnabled = 0x80000000,

        /// <summary>
        /// Domain Global Distribution Group
        /// </summary>
        GlobalDistribution = GroupTypeFlags.Global,
        /// <summary>
        /// Domain Local Distribution Group
        /// </summary>
        LocalDistribution = GroupTypeFlags.Local,
        /// <summary>
        /// Universal Distribution Group
        /// </summary>
        UniversalDistribution = GroupTypeFlags.Universal,

        /// <summary>
        /// Built-in Security Group
        /// </summary>
        BuiltInSecurity = GroupTypeFlags.BuiltIn | GroupTypeFlags.SecurityEnabled | GroupTypeFlags.Local,
        /// <summary>
        /// Domain Global Security Group
        /// </summary>
        GlobalSecurity = GroupTypeFlags.Global | GroupTypeFlags.SecurityEnabled,
        /// <summary>
        /// Domain Local Security Group
        /// </summary>
        LocalSecurity = GroupTypeFlags.Local | GroupTypeFlags.SecurityEnabled,
        /// <summary>
        /// Universal Security Group
        /// </summary>
        UniversalSecurity = GroupTypeFlags.Universal | GroupTypeFlags.SecurityEnabled,
        /// <summary>
        /// Any Security Group
        /// </summary>
        AnySecurity = GroupTypeFlags.SecurityEnabled
    }

    public enum GroupMemberType : int {
        Direct = 0,
        Nested = 1,
        Group = 2
    }

    /// <summary>
    /// http://msdn.microsoft.com/en-us/library/windows/desktop/ms680938%28v=VS.85%29.aspx
    /// </summary>
    public enum ObjectClassType {
        Computer,
        Configuration,
        Contact,
        Domain,
        Group,
        ManagedServiceAccount,
        NtdsDSA,
        OrganizationalUnit,
        Secret,
        SecurityPrincipal,
        Server,
        Site,
        SiteLink,
        SiteLinkBridge,
        SitesContainer,
        Subnet,
        Top,
        User
    }

    /// <summary>
    /// For specifying the search scope, LDAP or GC
    /// </summary>
    public enum PartitionScope {
        GlobalCatalog,
        LocalPartition
    }

    public enum PrimaryGroup {
        Undefined = 0,
        DomainAdmins = 512,
        DomainControllers = 516,
        DomainGuests = 514,
        DomainUsers = 513,
        DomainComputers = 515,
        EnterpriseAdmins = 519,
        GroupPolicyCreatorOwners = 520,
        ReadOnlyDomainControllers = 521
    }

    public enum SamAccountType : uint {
        None = 0,
        SAM_GROUP_OBJECT = 0x10000000,
        SAM_NON_SECURITY_GROUP_OBJECT = 0x10000001,
        SAM_ALIAS_OBJECT = 0x20000000,
        SAM_NON_SECURITY_ALIAS_OBJECT = 0x20000001,
        SAM_USER_OBJECT = 0x30000000,
        SAM_MACHINE_ACCOUNT = 0x30000001,
        SAM_TRUST_ACCOUNT = 0x30000002
    }

    /// <summary>
    /// http://msdn.microsoft.com/en-us/library/windows/desktop/ms679765%28v=vs.85%29.aspx
    /// Optional.  Contains a set of flags that specify search and indexing information for an attribute
    /// </summary>
    /// <remarks>
    /// Value           Description
    /// 1 (0x00000001)  IX ATTINDEX
    ///                 Specifies a hint to the DC to create an index for the attribute.
    /// 
    /// 2 (0x00000002)  PI PDNTATTINDEX
    ///                 Specifies a hint to the DC to create an index for the container and the attribute. 
    /// 
    /// 4 (0x00000004)  AR ANR
    ///                 Add this attribute to the Ambiguous Name Resolution (ANR) set. 
    ///                 This is used to assist in finding an object when only partial information is given. 
    ///                 For example, if the LDAP filter is (ANR=JEFF), the search will find each object where 
    ///                 the first name, last name, email address, or other ANR attribute is equal to JEFF. 
    ///                 Bit 0 must be set for this index take affect.
    ///                 
    /// 8 (0x00000008)  PR PRESERVEONDELETE
    ///                 Specifies that the attribute MUST be preserved on objects after deletion of the object 
    ///                 (that is, when the object is transformed to a tombstone, deleted-object, or recycled-object). 
    ///                 This flag is ignored on link attributes, objectCategory, and sAMAccountType. 
    /// 
    /// 16 (0x00000010) CP COPY
    ///                 Specifies a hint to LDAP clients that the attribute is intended to be copied when copying the object.
    ///                 This flag is not interpreted by the server. 
    /// 
    /// 32 (0x00000020) TP TUPLEINDEX
    ///                 Windows Server 2003 and higher. Create a tuple index for the attribute. 
    ///                 This will improve searches where the wildcard appears at the front of the search string. 
    ///                 For example, (sn=*mith).    
    ///                 
    /// 64 (0x00000040) ST SUBTREEATTINDEX
    ///                 Supported beginning with ADAM. Creates an index to improve VLV performance on arbitrary attributes.
    ///                 
    /// 128 (0x00000080)CF CONFIDENTIAL
    ///                 Confidential Attribute (Windows Server 2003 SP1 and higher)
    ///                 Specifies that the attribute is confidential. 
    ///                 An extended access check (section 3.1.1.4.4) is required.
    /// 
    /// 256 (0x00000100)NV NEVERVALUEAUDIT
    ///                 Disable security auditing for attribute (Windows Server 2008 and higher)
    ///                 Specifies that auditing of changes to individual values contained in this attribute 
    ///                 MUST NOT be performed. Auditing is outside of the state model. 
    /// 
    /// 512 (0x00000200)RO RODCFilteredAttribute
    ///                 Include attribute in RODC Filtered Attribute Set (FAS) (Windows Server 2008 and higher)
    ///                 Almost ALL attributes, except the Bitlocker attributes, are NOT included in the RODC-FAS,
    ///                 meaning they are replicated to an RODC.
    ///                 To prevent replication of the attribute value(s) to RODCs INCLUDE the attribute as a member of the RODC-FAS. 
    ///                 Only attributes that DO NOT have "schemaFlagsEx" with 0x1 can be included in RODC-FAS
    ///                 The default RODC FAS contains the following list of attributes:
    ///                 ms-PKI-DPAPIMasterKeys
    ///                 ms-PKI-AccountCredentials
    ///                 ms-PKI-RoamingTimeStamp
    ///                 ms-FVE-KeyPackage
    ///                 ms-FVE-RecoveryPassword
    ///                 ms-TPM-OwnerInformation 
    /// </remarks>
    [Flags]
    public enum SearchFlags {
        Undefined = 0x00000000,
        CreateIndex = 0x00000001,
        CreateIndexForAttributeAndContainer = 0x00000002,
        AddToANRSet = 0x00000004,
        PreserveOnDelete = 0x00000008,
        CopyAttributeValue = 0x00000010,
        CreateTupleIndex = 0x00000020,
        CreateSubTreeIndex = 0x00000040,
        Confidential = 0x00000080,
        DisableAuditing = 0x00000100,
        RODCFilteredAttribute = 0x00000200
    }

    /// <summary>
    /// http://msdn.microsoft.com/en-us/library/windows/desktop/aa379572%28v=vs.85%29.aspx
    /// </summary>
    public enum SecurityImpersonationLevel : int {
        Anonymous,
        Identification,
        Impersonation,
        Delegation
    }

    /// <summary>
    /// The Active Directory Schema version
    /// Located at: cn=schema,cn=configuration,dc=domainname,dc=com
    /// Attribute: ObjectVersion
    /// </summary>
    public enum SchemaVersion {
        Undefined = 0,
        Windows2000 = 13,
        Windows2003 = 30,
        Windows2003R2 = 31,
        Windows2008 = 44,
        Windows2008R2 = 47,
        Windows2012 = 56,
        Windows2012R2 = 69,
        Windows2016 = 87
    }

    /// <summary>
    /// Kerberos encryption types for Active Directory authentication
    /// http://msdn.microsoft.com/en-us/library/ee808210.aspx
    /// </summary>
    /// <remarks>Little Endian</remarks>
    [Flags]
    public enum SupportedEncryptionTypeFlags {
        Undefined = 0x0000000,
        DES_CBC_CRC = 0x00000001,
        DES_CBC_MD5 = 0x00000002,
        RC4_HMAC_MD5 = 0x00000004,
        AES128_CTS_HMAC_SHA1_96 = 0x0000008,
        AES256_CTS_HMAC_SHA1_96 = 0x00000010
    }

    /// <summary>
    /// http://msdn.microsoft.com/en-us/library/cc220919%28v=prot.10%29.aspx
    /// http://msdn.microsoft.com/en-us/library/cc223141%28v=prot.10%29.aspx
    /// </summary>
    /// <remarks>Flags enum</remarks>
    [Flags]
    public enum SystemFlags : uint {
        None = 0x00000000,
        /// <summary>
        /// NR (FLAG_ATTR_NOT_REPLICATED or FLAG_CR_NTDS_NC, 0x00000001): 
        /// When used on an attributeSchema object, it specifies that this attribute is not replicated.
        /// If it is used on a crossRef object, it specifies that the NC that the crossRef is for is an Active DirectoryNC.
        /// </summary>
        NotReplicated = 0x00000001,
        /// <summary>
        /// PS (FLAG_ATTR_REQ_PARTIAL_SET_MEMBER or FLAG_CR_NTDS_DOMAIN, 0x00000002):
        /// When used on an attributeSchema object, it specifies that the attribute is a member of a partial attribute set (PAS). 
        /// If used on a crossRef object, it specifies that the NC is a domain NC.
        /// </summary>
        PartialAttributeSetMember = 0x00000002,
        /// <summary>
        /// CS (FLAG_ATTR_IS_CONSTRUCTED or FLAG_CR_NTDS_NOT_GC_REPLICATED, 0x00000004):
        /// When used on an attributeSchema object, this flag specifies that the attribute is a constructed attribute. 
        /// If used on a crossRef object, it specifies that the NC is not to be replicated to GCs.
        /// </summary>
        IsConstructed = 0x00000004,
        /// <summary>
        /// OP (FLAG_ATTR_IS_OPERATIONAL, 0x00000008): 
        /// Only used on an attributeSchema object. It specifies that the attribute is an operational attribute.
        /// </summary>
        IsOperational = 0x00000008,
        /// <summary>
        /// BS (FLAG_SCHEMA_BASE_OBJECT, 0x00000010): 
        /// Only used on attributeSchema and classSchema objects. 
        /// It specifies that this attribute or class is part of the base schema.
        /// Modifications to base schema objects are specially restricted.
        /// </summary>
        SchemaBaseObject = 0x00000010,
        /// <summary>
        /// RD (FLAG_ATTR_IS_RDN, 0x00000020):
        /// Only used on an attributeSchema object.
        /// It specifies that this attribute can be used as an RDN attribute.
        /// </summary>
        IsRDN = 0x00000020,
        /// <summary>
        /// DE (FLAG_DISALLOW_MOVE_ON_DELETE, 0x02000000): 
        /// Specifies that the object does not move to the deleted-objects container when the object is deleted.
        /// </summary>
        DisallowMoveOnDelete = 0x02000000,
        /// <summary>
        /// DM (FLAG_DOMAIN_DISALLOW_MOVE, 0x04000000): 
        /// Specifies that if the object is in a domain NC, the object cannot be moved.
        /// </summary>
        DomainDisallowMove = 0x04000000,
        /// <summary>
        /// DR (FLAG_DOMAIN_DISALLOW_RENAME, 0x08000000): 
        /// Specifies that if the object is in a domain NC, the object cannot be renamed.
        /// </summary>
        DomainDisallowRename = 0x08000000,
        /// <summary>
        /// AL (FLAG_CONFIG_ALLOW_LIMITED_MOVE, 0x10000000): 
        /// Specifies that if the object is in the config NC, the object can be moved, with restrictions.
        /// </summary>
        ConfigAllowLimitedMove = 0x10000000,
        /// <summary>
        /// AM (FLAG_CONFIG_ALLOW_MOVE, 0x20000000): 
        /// Specifies that if the object is in the config NC, the object can be moved.
        /// </summary>
        ConfigAllowMove = 0x20000000,
        /// <summary>
        /// AR (FLAG_CONFIG_ALLOW_RENAME, 0x40000000): 
        /// Specifies that if the object is in the config NC, the object can be renamed.
        /// </summary>
        ConfigAllowRename = 0x40000000,
        /// <summary>
        /// DD (FLAG_DISALLOW_DELETE, 0x80000000): 
        /// Specifies that the object cannot be deleted.
        /// </summary>
        DisallowDelete = 0x80000000
    }

    /// <summary>
    /// http://msdn.microsoft.com/en-us/library/ms680832%28VS.85%29.aspx
    /// </summary>
    /// <remarks>
    /// CannotChangePassword is not used for AD accounts.  To prevent a user from changing a password, add deny ace's.
    /// </remarks>
    [Flags]
    public enum UserAccountControlFlags : int {
        NotSet = 0x00000000,
        Script = 0x00000001,
        AccountDisabled = 0x00000002,
        HomeDirectoryRequired = 0x00000008,
        AccountLockedOut = 0x00000010,
        PasswordNotRequired = 0x00000020,
        /// <summary>
        /// The user cannot change the password. This flag can be read, but not set directly. 
        /// </summary>
        CannotChangePassword = 0x00000040,
        EncryptedTextPasswordAllowed = 0x00000080,
        TempDuplicateAccount = 0x00000100,
        NormalAccount = 0x00000200,
        InterDomainTrustAccount = 0x00000800,
        WorkstationTrustAccount = 0x00001000,
        /// <summary>
        /// Domain controller
        /// </summary>
        ServerTrustAccount = 0x00002000,
        PasswordNeverExpires = 0x00010000,
        /// <summary>
        /// This is an Majority Node Set (MNS) logon account. 
        /// With MNS, you can configure a multi-node Windows cluster without using a common shared disk.
        /// </summary>
        MNSLogonAccount = 0x00020000,
        SmartCardRequired = 0x00040000,
        /// <summary>
        /// The service account (user or computer account), under which a service runs, 
        /// is trusted for Kerberos delegation. Any such service can impersonate a client requesting the service.
        /// This flag is set when an account is configured for UNconstrained delegation.
        /// </summary>            
        TrustedForDelegation = 0x00080000,
        /// <summary>
        /// When set, the security context of the user will not be delegated to a service 
        /// even if the service account is set as trusted for Kerberos delegation.
        /// AKA "Account is sensitive and cannot be delegated"
        /// </summary>
        NotDelegated = 0x00100000,
        /// <summary>
        /// For downlevel clients prior to Vista/2008, determines if the computer can DES and RC4, or only DES
        /// </summary>
        UseDESKeysOnly = 0x00200000,
        DontRequirePreAuth = 0x00400000,
        /// <summary>
        /// The user password has expired. This flag is created by the system using data from the password 
        /// last set attribute and the domain policy. It is read-only and cannot be set. To manually set a 
        /// user password as expired, use the NetUserSetInfo function with the USER_INFO_3 
        /// (usri3_password_expired member) or USER_INFO_4 (usri4_password_expired member) structure.
        /// </summary>
        PasswordExpired = 0x00800000,
        /// <summary>
        /// The account is enabled for delegation. This is a security-sensitive setting; accounts with this option 
        /// enabled should be strictly controlled. This setting enables a service running under the account to 
        /// assume a client identity and authenticate as that user to other remote servers on the network.
        /// This flag is set when an account is configured for constrained delegation.
        /// </summary>
        TrustedToAuthenticateForDelegation = 0x01000000,

        /// <summary>
        /// Read only domain controllers
        /// </summary>
        PartialSecretsAccount = 0x04000000,

        UseAesKeys = 0x08000000
    }

    #region NTDS Configuration
    /// <summary>
    /// Informational flags about an Active Directory domain instance
    /// </summary>
    [Flags]
    public enum InstanceTypeFlags {
        Undefined = 0x00000000,
        /// <summary>
        /// H (IT_NC_HEAD, 0x00000001): This flag is set (value 1) on all NC roots.
        /// </summary>
        IT_NC_HEAD = 0x00000001,
        /// <summary>
        /// U (IT_UNINSTANT, 0x00000002): If this flag is set, the NC replica that this root represents 
        /// does not exist locally. This flag implies that this root is a subordinate reference object.
        /// </summary>
        IT_UNINSTANT = 0x00000002,
        /// <summary>
        /// W (IT_WRITE, 0x00000004): This flag is written locally based upon the desired NC replica 
        /// type. A regular NC replica will have this flag set, and a partial NC replicawill not have this 
        /// flag set. The IT_WRITE flag MUST be propagated identically to every object in the NC replica. 
        /// </summary>
        IT_WRITE = 0x00000004,
        /// <summary>
        /// A (IT_NC_ABOVE, 0x00000008): This flag indicates that the local DCholds an instantiated 
        /// NC replica that is a parent of the NC replica represented by this NC root. This flag also 
        /// indicates that this NC root is a subordinate reference object. 
        /// </summary>
        IT_NC_ABOVE = 0x00000008,
        /// <summary>
        /// C (IT_NC_COMING, 0x00000010): This flag indicates that the NC replica has not completed 
        /// its initial replication into the local DC, and may not have a full set of objects in the NC 
        /// represented by this NC root. 
        /// </summary>
        IT_NC_COMING = 0x00000010,
        /// <summary>
        /// G (IT_NC_GOING, 0x00000020): This flag indicates that the NC replica is being removed from 
        /// the local DC, and may not have a full set of objects in the NC represented by this NC root.
        /// </summary>
        IT_NC_GOING = 0x00000020
    }

    public enum MSDSBehaviorVersionDefinition {
        WIN2000 = 0x00000000,
        WIN2003MIXED = 0x00000001,
        WIN2003 = 0x00000002,
        WIN2008 = 0x00000003,
        WIN2008R2 = 0x00000004,
        WIN2012 = 0x00000005,
        WIN2012R2 = 0x00000006
    }

    [Flags]
    public enum NTDSConnectionOptionsFlags {
        Undefined = 0x00000000,
        /// <summary>
        /// IG The nTDSConnectionobject was generated by the KCC.
        /// </summary>
        IS_GENERATED = 0x00000001,
        /// <summary>
        /// TS Indicates that a replication cycle should be performed 
        /// in the opposite direction at the end of a replication cycle that is using this connection. 
        /// </summary>
        TWOWAY_SYNC = 0x00000002,
        /// <summary>
        /// OND Do not use defaults to determine notification. 
        /// </summary>
        OVERRIDE_NOTIFY_DEFAULT = 0x00000004,
        /// <summary>
        /// UN The source DC notifies the destination DC regarding changes on the source DC. 
        /// </summary>
        USE_NOTIFY = 0x00000008,
        /// <summary>
        /// DIC For intersite replication, this indicates that the compression of replication data is disabled. 
        /// </summary>
        DISABLE_INTERSITE_COMPRESSION = 0x00000010,
        /// <summary>
        /// UOS For KCC-generated connections, indicates that the scheduleattribute 
        /// is owned by the user and should not be modified by the KCC. 
        /// </summary>
        USER_OWNED_SCHEDULE = 0x00000020
    }

    [Flags]
    public enum NTDSReplicationReasonFlags {
        Undefined = 0x00000000,
        /// <summary>
        /// GC Not used.
        /// </summary>
        GC_TOPOLOGY = 0x00000001,
        /// <summary>
        /// R The connection object is created to form a ring topology.
        /// </summary>
        RING_TOPOLOGY = 0x00000002,
        /// <summary>
        /// MH The connection object is created to minimize hops between replicating nodes.
        /// </summary>
        MINIMIZE_HOPS_TOPOLOGY = 0x00000004,
        /// <summary>
        /// SS If the KCC finds that the destination server is not responding, then it sets this bit.
        /// </summary>
        STALE_SERVERS_TOPOLOGY = 0x00000008,
        /// <summary>
        /// OC The KCC sets this bit if deletion of the connection object was prevented.
        /// When the KCC considers deleting a connection object, it first checks if it previously deleted connection objects 
        /// with the same source DC, destination DC, and options for an implementation-specific number of times T 
        /// (default value is 3) over the last implementation-specific time period t (the default is 7 days) 
        /// since the server has started. If it did, it will set the NTDSCONN_KCC_OSCILLATING_CONNECTION_TOPOLOGY 
        /// bit on the connection object and will not delete it. Otherwise, it will delete the connection object.
        /// </summary>
        OSCILLATING_CONNECTION_TOPOLOGY = 0x00000010,
        /// <summary>
        /// ISG This connection is to enable replication of partial NC replica between DCs in different sites.
        /// </summary>
        INTERSITE_GC_TOPOLOGY = 0x00000020,
        /// <summary>
        /// IS This connection is to enable replication of a full NC replica between DCs in different sites.
        /// </summary>
        INTERSITE_TOPOLOGY = 0x00000040,
        /// <summary>
        /// SF This connection is a redundant connection between DCs that is used 
        /// for failover when other connections between DCs are not functioning.
        /// </summary>
        SERVER_FAILOVER_TOPOLOGY = 0x00000080,
        /// <summary>
        /// SIF This connection is a redundant connection between bridgehead DCs in different DCs; 
        /// it is used for failover when other connections between bridgehead DCs connecting two sites are not functioning.
        /// </summary>
        SITE_FAILOVER_TOPOLOGY = 0x00000100,
        /// <summary>
        /// RS Redundant connection object connecting bridgeheads in different sites.
        /// </summary>
        REDUNDANT_SERVER_TOPOLOGY = 0x00000200
    }

    /// <summary>
    /// The NTDSSettings object is also known as nTDSDSA.
    /// Each DC in a forest has an nTDSDSA object in the config NC. 
    /// </summary>
    [Flags]
    public enum NTDSSettingsOptionsFlags {
        Undefined = 0x00000000,
        /// <summary>
        /// GC (NTDSDSA_OPT_IS_GC, 0x00000001): This DC is, or is becoming, a GC server. 
        /// </summary>
        NTDSDSA_OPT_IS_GC = 0x00000001,
        /// <summary>
        /// DI (NTDSDSA_OPT_DISABLE_INBOUND_REPL, 0x00000002): This DC does not perform 
        /// inbound replication unless the DRS_SYNC_FORCED flag is passed. See [MS-DRSR]section 
        /// 4.1.10.4.1, ReplicateNCRequestMsg, for the effects of this option. 
        /// </summary>
        NTDSDSA_OPT_DISABLE_INBOUND_REPL = 0x00000002,
        /// <summary>
        /// DO (NTDSDSA_OPT_DISABLE_OUTBOUND_REPL, 0x00000004): This DC does not perform 
        /// outbound replication unless the DRS_SYNC_FORCED flag is passed. See [MS-DRSR]section 
        /// 4.1.10.5.2, GetReplChanges, for the effects of this option. 
        /// </summary>
        NTDSDSA_OPT_DISABLE_OUTBOUND_REPL = 0x00000004,
        /// <summary>
        /// DNX (NTDSDSA_OPT_DISABLE_NTDSCONN_XLATE, 0x00000008): This DC does not 
        /// translate connection objects into repsFroms. See section 6.2 for more information. 
        /// </summary>
        NTDSDSA_OPT_DISABLE_NTDSCONN_XLATE = 0x00000008,
        /// <summary>
        /// DS (NTDSDSA_OPT_DISABLE_SPN_REGISTRATION, 0x00000010): This DC does not 
        /// perform SPN registration. Only interpreted by AD LDS DCs. See [MS-DRSR] sections 2.2.3.3
        /// and 2.2.4.3, SPN for a Target DC in AD LDS, for the effects of this option
        /// </summary>
        NTDSDSA_OPT_DISABLE_SPN_REGISTRATION = 0x00000010
    }

    /// <summary>
    /// Specifies the values for the options attribute on the NTDS Site Settings object
    /// </summary>
    [Flags]
    public enum NTDSSiteSettingsOptionsFlags {
        Undefined = 0x00000000,

        /// <summary>
        /// When enabled, prevents the KCC from generating intrasite connections on all servers in the site. 
        /// Disable this option if you use manual connections and do not want the KCC to build connections automatically.
        /// </summary>
        IS_AUTO_TOPOLOGY_DISABLED = 0x00000001,

        /// <summary>
        /// When enabled, prevents the KCC from removing connection objects that it does not need. 
        /// Disable this option if you want to take responsibility for removing old redundant connections. 
        /// Alternatively, to control or augment the topology, you can use manual connections, 
        /// which the KCC does not delete.
        /// </summary>
        IS_TOPL_CLEANUP_DISABLED = 0x00000002,

        /// <summary>
        /// When enabled, prevents the KCC from generating optimizing connections in the ring topology of intrasite replication. 
        /// Optimizing connections reduce the replication latency in the site and disabling them is not recommended.
        /// </summary>
        IS_TOPL_MIN_HOPS_DISABLED = 0x00000004,

        /// <summary>
        /// Prevents the KCC from excluding servers that are unreachable from the topology; 
        /// that is, the KCC does use an alternate server to reroute replication. 
        /// Use this option only if network communication is very unstable and brief outages are expected. 
        /// </summary>
        IS_TOPL_DETECT_STALE_DISABLED = 0x00000008,

        /// <summary>
        /// Prevents the KCC that functions as the intersite topology generator (ISTG) from generating connections for 
        /// intersite replication. Use this option when you want to create manual intersite connections 
        /// (disable the ISTG) but retain the KCC to generate intrasite connections.
        /// </summary>
        IS_INTER_SITE_AUTO_TOPOLOGY_DISABLED = 0x00000010,

        /// <summary>
        /// Enables Universal Group Membership Caching in the site.
        /// </summary>
        IS_GROUP_CACHING_ENABLED = 0x00000020,

        /// <summary>
        /// Implements KCC operation that is consistent with Windows Server 2003 forest functional level. 
        /// This option can be set if all domain controllers in the site are running Windows Server 2003.
        /// </summary>
        FORCE_KCC_WHISTLER_BEHAVIOR = 0x00000040,

        /// <summary>
        /// When enabled, implements the Windows 2000 Server method of ISTG selection.
        /// </summary>
        FORCE_KCC_W2K_ELECTION = 0x00000080,

        /// <summary>
        /// Implements the Windows 2000 Server method of selecting a single bridgehead server per directory partition 
        /// and transport.
        /// </summary>
        IS_RAND_BH_SELECTION_DISABLED = 0x00000100,

        /// <summary>
        /// Spreads replication start times randomly across the entire schedule interval rather than 
        /// just the first quarter of the interval.
        /// </summary>
        IS_SCHEDULE_HASHING_ENABLED = 0x00000200,

        /// <summary>
        /// Creates redundant connections between sites before a failure takes place. 
        /// When enabled, disables KCC failover. 
        /// Requires that automatic detection of failed connections also be disabled (+IS_TOPL_DETECT_STALE_DISABLED).
        /// </summary>
        IS_REDUNDANT_SERVER_TOPOLOGY_ENABLED = 0x00000400,

        /// <summary>
        /// When the forest functional level Windows Server 2003 or Windows Server 2003 interim is in effect, 
        /// provides KCC control of the ability to ignore schedules (replication occurs at the designated intervals and is always available). 
        /// </summary>
        W2K3_IGNORE_SCHEDULES = 0x00000800,

        /// <summary>
        /// When the forest functional level Windows Server 2003 or Windows Server 2003 interim is in effect, 
        /// provides KCC control of the ability to enable or disable site link bridging.
        /// When specified, a SiteLinkBridge must exist for the KCC to create a connection to another Site.
        /// Specifying this setting provides more granular control over how redundant connections may be automatically,
        /// instead of disabling the global setting "Bridge all Site Links" on the InterSite Transports > IP container.
        /// </summary>
        W2K3_BRIDGES_REQUIRED = 0x00001000
    }
    #endregion

    #region Site Options
    [Flags]
    public enum InterSiteTransportOptions {
        Undefined = 0x00000000,

        /// <summary>
        /// Ignore Schedules box is checked.
        /// </summary>
        IGNORE_SCHEDULES = 0x00000001,

        /// <summary>
        /// Bridge All Site Links is unchecked/disabled.
        /// </summary>
        BRIDGES_REQUIRED = 0x00000002
    }

    /// <summary>
    /// Specifies the values for the options attribute on the SiteLink object
    /// </summary>
    [Flags]
    public enum SiteLinkOptions {
        Undefined = 0x00000000,

        /// <summary>
        /// UN (NTDSSITELINK_OPT_USE_NOTIFY, 0x00000001): 
        ///  If present, enables replication notifications between DCs in different sites in the siteList.
        /// </summary>
        NTDSSITELINK_OPT_USE_NOTIFY = 0x00000001,

        /// <summary>
        /// TS (NTDSSITELINK_OPT_TWOWAY_SYNC, 0x00000002): 
        ///  If present, forces a replication cycle in the opposite direction at the end of a replication cycle between DCs 
        ///  in different sites in the siteList.
        /// </summary>
        NTDSSITELINK_OPT_TWOWAY_SYNC = 0x00000002,

        /// <summary>
        /// DC (NTDSSITELINK_OPT_DISABLE_COMPRESSION, 0x00000004): 
        /// If present, disables compression of IDL_DRSGetNCChanges response messages sent between DCs in different sites in the siteList.
        /// </summary>
        NTDSSITELINK_OPT_DISABLE_COMPRESSION = 0x00000004
    }
    #endregion

    #region Exchange

    public enum ExchangeRights {
        None = 0,
        FullMailboxAccess = ActiveDirectoryRights.CreateChild,
        TakeOwnership = ActiveDirectoryRights.WriteOwner,
        ModifyUserAttributes = ActiveDirectoryRights.WriteDacl,
        DeleteMailboxStorage = ActiveDirectoryRights.Delete,
        ReadPermissions = ActiveDirectoryRights.ReadControl
    }

    public enum MSExchDeviceAccessState {
        Undefined = 0,
        Allowed = 1,
        Blocked = 2,
        Quarantined = 3
    }

    /// <summary>
    /// 1 (bit 0) = 1 to disable Server Activesync, 0 to enable it
    /// 2 (bit 1) = 1 to disable OMA, 0 to enable it
    /// 4 (bit 2) = 1 to disable Always Up-To-Date (AUTD), 0 to enable it
    /// </summary>
    [Flags]
    public enum MSExchangeOMAWirelessEnable : int {
        Enabled = 0x00000000,
        ActiveSyncDisabled = 0x00000001,
        OMADisabled = 0x00000002,
        AlwaysUpToDateDisabled = 0x00000004,
        Disabled = ActiveSyncDisabled | OMADisabled | AlwaysUpToDateDisabled
    }

    /// <summary>
    /// http://technet.microsoft.com/en-us/library/bb123496%28EXCHG.80%29.aspx
    /// </summary>
    [Flags]
    public enum MSExchCurrentServerRoles : int {
        Undefined = 0x00000000,
        Mailbox = 0x00000002,
        ClientAccess = 0x00000004,
        UnifiedMessaging = 0x00000010,
        HubTransport = 0x00000020,
        EdgeTransport = 0x00000040
    }

    /// <summary>
    /// Not  documented
    /// </summary>
    [Flags]
    public enum MSExchELCMailboxFlags : int {
        None = 0x00000000,
        ExpirationSuspended = 0x00000001,
        ELCV2 = 0x00000002,
        DisableCalendarLogging = 0x00000004,
        LitigationHold = 0x00000008,
        SingleItemRecovery = 0x00000010,
        ValidArchiveDatabase = 0x00000020
    }

    /// <summary>
    /// The enabled/disabled state of Outlook Mobile Access
    /// </summary>
    public enum MSExchMobileMailboxFlags : int {
        Disabled = 0,
        Enabled = 1
    }

    /// <summary>
    /// The display type of Exchange object
    /// http://blogs.technet.com/b/johnbai/archive/2013/09/11/o365-msexchangerecipienttypedetails.aspx
    /// </summary>
    public enum MSExchRecipientDisplayType : long {
        MailboxUser = 0x00000000,
        DistributionGroup = 0x00000001,
        PublicFolder = 0x00000002,
        DynamicDistributionGroup = 0x00000003,
        Organization = 0x00000004,
        PrivateDistributionList = 0x00000005,
        RemoteMailUser = 0x00000006,
        ConferenceRoomMailbox = 0x00000007,
        EquipmentMailbox = 0x00000008,
        UserLinkedOrSharedMailbox = 0x40000000,
        UniversalSecurityGroup = 0x40000009,
        SyncedMailboxUser = 0x80000006,
        SyncedUDGasUDG = 0x80000101,
        SyncedUDGasContact = 0x80000106,
        SyncedPublicFolder = 0x80000206,
        SyncedDynamicDistributionGroup = 0x80000306,
        SyncedRemoteMailUser = 0x80000606,
        SyncedConferenceRoomMailbox = 0x80000706,
        SyncedEquipmentMailbox = 0x80000806,
        SyncedUSGasUDG = 0x80000901,
        SyncedUSGasContact = 0x80000906,
        ACLableSyncedMailboxUser = 0xC0000006,
        ACLableSyncedRemoteMailUser = 0xC0000606,
        ACLableSyncedUSGasContact = 0xC0000906,
        SyncedUSGasUSG = 0xC0000909
    }

    /// <summary>
    /// The type of Exchange object
    /// http://blogs.technet.com/b/johnbai/archive/2013/09/11/o365-msexchangerecipienttypedetails.aspx
    /// </summary>
    [Flags]
    public enum MSExchRecipientTypeDetails : long {
        Undefined = 0x00000000,
        UserMailbox = 0x00000001,
        LinkedMailbox = 0x00000002,
        SharedMailbox = 0x00000004,
        LegacyMailbox = 0x00000008,
        RoomMailbox = 0x00000010,
        EquipmentMailbox = 0x00000020,
        MailEnabledContact = 0x00000040,
        MailEnabledUser = 0x00000080,
        MailEnabledUniversalDistributionGroup = 0x00000100,
        MailEnabledNonUniversalDistributionGroup = 0x00000200,
        MailEnabledUniversalSecurityGroup = 0x00000400,
        DynamicDistributionGroup = 0x00000800,
        MailEnabledPublicFolder = 0x00001000,
        SystemAttendantMailbox = 0x00002000,
        SystemMailbox = 0x00004000,
        CrossForestMailContact = 0x00008000,
        User = 0x00010000,
        Contact = 0x00020000,
        UniversalDistributionGroup = 0x00040000,
        UniversalSecurityGroup = 0x00080000,
        NonUniversalGroup = 0x00100000,
        DisabledUser = 0x00200000,
        MicrosoftExchange = 0x00400000,
        ArbitrationMailbox = 0x00800000,
        MailboxPlan = 0x01000000,
        LinkedUser = 0x02000000,
        RoomList = 0x10000000,
        DiscoveryMailbox = 0x20000000,
        RoleGroup = 0x40000000,
        RemoteMailbox = 0x80000000,
        TeamMailbox = 0x2000000000
    }

    [Flags]
    public enum MSExchRemoteRecipientType : int {
        Undefined = 0x00000000,
        ProvisionMailbox = 0x00000001,
        ProvisionArchive = 0x00000002,
        Migrated = 0x00000004,
        DeprovisionMailbox = 0x00000008,
        DeprovisionArchive = 0x00000010,
        RoomMailbox = 0x00000020,
        EquipmentMailbox = 0x00000040,
        SharedMailbox = 0x00000080,
        TeamMailbox = 0x00000100

    }

    public enum MSExchVersion : long {
        Undefined = 0,
        Exchange2007 = 4535486012416,
        Exchange2010 = 44220983382016
    }

    public enum MSExchUserAccountControl : int {
        Enabled = 0x00000000,
        Disabled = 0x00000002
    }
    #endregion

    #region DNS

    /// <summary>
    /// The DNS record class
    /// </summary>
    public enum DNSRecordClass : ushort {

        Undefined = 0,

        /// <summary>
        /// [RFC1035]
        /// </summary>
        IN = 1,

        /// <summary>
        /// [Moon1981]
        /// </summary>                           
        CH = 3,

        /// <summary>
        /// [Dyer1987]
        /// </summary>                         
        HS = 4,

        /// <summary>
        /// [RFC2136]
        /// </summary>                           
        NONE = 254,

        /// <summary>
        /// [RFC1035]
        /// </summary>                            
        ANY = 255
    }

    public enum DNSRecordRank : byte {

        Undefined = 0,

        /// <summary>
        /// The record came from the cache.
        /// </summary>
        CacheBit = 1,

        /// <summary>
        /// The record is a preconfigured root hint.
        /// </summary>
        RootHint = 8,

        /// <summary>
        /// Not used
        /// </summary>
        OutsideGlue = 32,

        /// <summary>
        /// The record was cached from the additional section of a nonauthoritative response.
        /// </summary>
        CacheNAAdditional = 49,

        /// <summary>
        /// The record was cached from the authority section of a nonauthoritative response.
        /// </summary>
        CacheNAAuthority = 65,

        /// <summary>
        /// The record was cached from the additional section of an authoritative response.
        /// </summary>
        CacheAAdditional = 81,

        /// <summary>
        /// The record was cached from the answer section of a nonauthoritative response.
        /// </summary>
        CacheNAAnswer = 97,

        /// <summary>
        /// The record was cached from the authority section of an authoritative response.
        /// </summary>
        CacheAAuthority = 113,

        /// <summary>
        /// The record is a glue record in an authoritative zone.
        /// </summary>
        Glue = 128,

        /// <summary>
        /// The record is a delegation (type NS) record in an authoritative zone.
        /// </summary>
        NSGlue = 130,

        /// <summary>
        /// The record was cached from the answer section of an authoritative response.
        /// </summary>
        CacheAAnswer = 193,

        /// <summary>
        /// The record comes from an authoritative zone.
        /// </summary>
        Zone = 240
    }

    /// <summary>
    /// The DNS record type
    /// </summary>
    public enum DNSRecordType : ushort {

        Undefined = 0,

        /// <summary>
        /// A host address [RFC1035]
        /// </summary>
        A = 1,

        /// <summary>
        /// An authoritative name server [RFC1035]
        /// </summary>
        NS = 2,

        /// <summary>
        /// A mail destination (Obsolete - use MX) [RFC1035]
        /// </summary>
        MD = 3,

        /// <summary>
        /// A mail forwarder (Obsolete - use MX) [RFC1035]
        /// </summary>
        MF = 4,

        /// <summary>
        /// The canonical name for an alias [RFC1035]
        /// </summary>
        CNAME = 5,

        /// <summary>
        /// Marks the start of a zone of authority [RFC1035]
        /// </summary>
        SOA = 6,

        /// <summary>
        ///  A mailbox domain name (EXPERIMENTAL) [RFC1035]
        /// </summary>
        MB = 7,

        /// <summary>
        /// A mail group member (EXPERIMENTAL) [RFC1035]
        /// </summary>
        MG = 8,

        /// <summary>
        /// A mail rename domain name (EXPERIMENTAL) [RFC1035]
        /// </summary>
        MR = 9,

        /// <summary>
        /// A null RR (EXPERIMENTAL) [RFC1035]
        /// </summary>
        NULL = 10,

        /// <summary>
        /// A well known service description [RFC1035]
        /// </summary>
        WKS = 11,

        /// <summary>
        /// A domain name pointer [RFC1035]
        /// </summary>
        PTR = 12,

        /// <summary>
        /// Host information [RFC1035]
        /// </summary>
        HINFO = 13,

        /// <summary>
        /// Mailbox or mail list information [RFC1035]
        /// </summary>
        MINFO = 14,

        /// <summary>
        /// Mail exchange [RFC1035]
        /// </summary>
        MX = 15,

        /// <summary>
        /// Text strings [RFC1035]
        /// </summary>
        TXT = 16,

        /// <summary>
        /// Responsible Person [RFC1183]
        /// </summary>
        RP = 17,

        /// <summary>
        /// For AFS Data Base location [RFC1183]
        /// </summary>
        AFSDB = 18,

        /// <summary>
        /// X.25 PSDN address [RFC1183]
        /// </summary>
        X25 = 19,

        /// <summary>
        /// ISDN address  [RFC1183]
        /// </summary>
        ISDN = 20,

        /// <summary>
        /// Route Through [RFC1183]
        /// </summary>
        RT = 21,

        /// <summary>
        /// NSAP address, NSAP style A record [RFC1706]
        /// </summary>
        NSAP = 22,

        /// <summary>
        /// Domain name pointer, NSAP style [RFC1348] 
        /// </summary>
        NSAPPTR = 23,

        /// <summary>
        /// security signature [RFC4034][RFC3755][RFC2535]
        /// </summary>
        SIG = 24,

        /// <summary>
        /// Security key [RFC4034][RFC3755][RFC2535]
        /// </summary>
        KEY = 25,

        /// <summary>
        /// X.400 mail mapping information [RFC2163]
        /// </summary>
        PX = 26,

        /// <summary>
        /// Geographical Position [RFC1712]
        /// </summary>
        GPOS = 27,

        /// <summary>
        /// IP6 Address [RFC3596]
        /// </summary>
        AAAA = 28,

        /// <summary>
        /// Location Information [RFC1876]
        /// </summary>
        LOC = 29,

        /// <summary>
        /// Next Domain - OBSOLETE [RFC3755][RFC2535]
        /// </summary>
        NXT = 30,

        /// <summary>
        /// Endpoint Identifier [Patton]
        /// </summary>
        EID = 31,

        /// <summary>
        /// Nimrod Locator [Patton]
        /// </summary>
        NIMLOC = 32,

        /// <summary>
        /// Server Selection [RFC2782]
        /// </summary>
        SRV = 33,

        /// <summary>
        /// ATM Address [ATMDOC]
        /// </summary>
        ATMA = 34,

        /// <summary>
        /// Naming Authority Pointer [RFC2915][RFC2168]
        /// </summary>
        NAPTR = 35,

        /// <summary>
        /// Key Exchanger [RFC2230]
        /// </summary>
        KX = 36,

        /// <summary>
        /// CERT [RFC4398]
        /// </summary>
        CERT = 37,

        /// <summary>
        /// A6 (Experimental) [RFC3226][RFC2874]
        /// </summary>
        A6 = 38,

        /// <summary>
        /// DNAME [RFC2672]
        /// </summary>
        DNAME = 39,

        /// <summary>
        /// SINK [Eastlake]
        /// </summary>
        SINK = 40,

        /// <summary>
        /// OPT [RFC2671]
        /// </summary>
        OPT = 41,

        /// <summary>
        /// APL [RFC3123]
        /// </summary>
        APL = 42,

        /// <summary>
        /// Delegation Signer [RFC4034][RFC3658]
        /// </summary>
        DS = 43,

        /// <summary>
        /// SSH Key Fingerprint [RFC4255]
        /// </summary>
        SSHFP = 44,

        /// <summary>
        /// IPSECKEY [RFC4025]
        /// </summary>
        IPSECKEY = 45,

        /// <summary>
        /// RRSIG [RFC4034][RFC3755]
        /// </summary>
        RRSIG = 46,

        /// <summary>
        /// NSEC [RFC4034][RFC3755]
        /// </summary>
        NSEC = 47,

        /// <summary>
        /// DNSKEY [RFC4034][RFC3755]
        /// </summary>
        DNSKEY = 48,

        /// <summary>
        /// DHCID [RFC4701]
        /// </summary>
        DHCID = 49,

        /// <summary>
        /// NSEC3 [RFC5155]
        /// </summary>
        NSEC3 = 50,

        /// <summary>
        /// NSEC3PARAM [RFC5155]
        /// </summary>
        NSEC3PARAM = 51,

        /// <summary>
        /// Host Identity Protocol [RFC5205]
        /// </summary>
        HIP = 55,

        /// <summary>
        /// NINFO [Reid]
        /// </summary>
        NINFO = 56,

        /// <summary>
        /// RKEY [Reid]
        /// </summary>
        RKEY = 57,

        /// <summary>
        /// Sender Policy Framework [RFC4408]
        /// </summary>
        SPF = 99,

        /// <summary>
        /// [IANA-Reserved]
        /// </summary>                          
        UINFO = 100,

        /// <summary>
        /// [IANA-Reserved]
        /// </summary>                            
        UID = 101,

        /// <summary>
        /// [IANA-Reserved]
        /// </summary>                          
        GID = 102,

        /// <summary>
        /// [IANA-Reserved]
        /// </summary>                             
        UNSPEC = 103,

        /// <summary>
        /// Transaction Key[RFC2930]
        /// </summary>                            
        TKEY = 249,

        /// <summary>
        /// Transaction Signature [RFC2845]
        /// </summary>
        TSIG = 250,

        /// <summary>
        /// Incremental transfer [RFC1995]
        /// </summary>
        IXFR = 251,

        /// <summary>
        /// Transfer of an entire zone [RFC1035]
        /// </summary>
        AXFR = 252,

        /// <summary>
        /// Mailbox-related RRs (MB, MG or MR) [RFC1035]
        /// </summary>
        MAILB = 253,

        /// <summary>
        /// Mail agent RRs (Obsolete - see MX) [RFC1035]
        /// </summary>
        MAILA = 254,

        /// <summary>
        /// A request for all records (*) [RFC1035]
        /// </summary>
        ANY = 255,

        /// <summary>
        /// DNSSEC Trust Authorities [Weiler] 2005-12-13
        /// </summary>
        TA = 32768,

        /// <summary>
        /// DNSSEC Lookaside Validation [RFC4431]
        /// </summary>
        DLV = 32769,

        /// <summary>
        /// WINS records (WINS Lookup record) [MS DNS]
        /// </summary>
        WINS = 65281,

        /// <summary>
        /// WINSR records (WINS Reverse Lookup record)  [MS DNS]
        /// </summary>
        WINSR = 65282
    }

    #region DNSRPCNodeFlags
    /// <summary>
    /// DNS_RPC_NODE_FLAGS enumerates the possible property values for the DNS_RPC_NODE and DNS_RPC_RECORD structures, 
    /// which MUST have dwFlags field set to any combination of following possible values. 
    /// These flags are used to indicate special properties of DNS records and to request special handling of DNS records 
    /// during enumeration and modification operations.
    /// </summary>
    [Flags]
    public enum DNSRPCNodeFlags : uint {

        Undefined = 0x00000000,

        /// <summary>
        /// This flag is set when updated record to disable zone-update notifications for a zone. Applicable for dwFlags in DNS_RPC_RECORD (section 2.2.2.2.5).
        /// </summary>
        DNS_RPC_FLAG_SUPPRESS_NOTIFY = 0x00010000,

        /// <summary>
        /// This flag is set when updating a record to enable or disable aging for a record.
        /// </summary>
        DNS_RPC_FLAG_AGING_ON = 0x00020000,

        /// <summary>
        /// This flag is set when updating a record to disable access control for a record.
        /// </summary>
        DNS_RPC_FLAG_OPEN_ACL = 0x00040000,

        /// <summary>
        /// This flag is set when requested enumeration is completed with the buffer being returned. Applicable for dwFlags in DNS_RPC_NODE (section 2.2.2.2.3).
        /// </summary>
        DNS_RPC_FLAG_NODE_COMPLETE = 0x00800000,

        /// <summary>
        /// This flag is set when enumerating a node that is at the domain root. Applicable for dwFlags in DNS_RPC_NODE (section 2.2.2.2.3).
        /// </summary>
        DNS_RPC_FLAG_NODE_STICKY = 0x01000000,

        /// <summary>
        /// This flag is set when adding or deleting a record. Applicable for dwFlags in DNS_RPC_RECORD (section 2.2.2.2.5).
        /// </summary>
        DNS_RPC_FLAG_RECORD_CREATE_PTR = 0x02000000,

        /// <summary>
        /// This flag is set in case of update record to update TTL value for the record. Applicable for dwFlags in DNS_RPC_RECORD (section 2.2.2.2.5).
        /// </summary>
        DNS_RPC_FLAG_RECORD_TTL_CHANGE = 0x04000000,

        /// <summary>
        /// Record SHOULD use zone default TTL value. Applicable for dwFlags in DNS_RPC_RECORD (section 2.2.2.2.5).
        /// </summary>
        DNS_RPC_FLAG_RECORD_DEFAULT_TTL = 0x08000000,

        /// <summary>
        /// Data is from enumeration performed at a node that is represents in a delegated sub-zone. Applicable for dwFlags in DNS_RPC_NODE (section 2.2.2.2.3).
        /// </summary>
        DNS_RPC_FLAG_ZONE_DELEGATION = 0x10000000,

        /// <summary>
        /// Data is from enumeration performed at an authoritative zone-root. Applicable for dwFlags in DNS_RPC_NODE (section 2.2.2.2.3).
        /// </summary>
        DNS_RPC_FLAG_AUTH_ZONE_ROOT = 0x20000000,

        /// <summary>
        /// Data is from enumeration performed at a zone-root. Applicable for dwFlags in DNS_RPC_NODE (section 2.2.2.2.3).
        /// </summary>
        DNS_RPC_FLAG_ZONE_ROOT = 0x40000000,

        /// <summary>
        /// Data is from the DNS cache.
        /// </summary>
        DNS_RPC_FLAG_CACHE_DATA = 0x80000000,

    }
    #endregion

    #region DNSZoneDCPromoFlag
    /// <summary>
    /// The DcPromo flag represents the DcPromo target application directory partition for the zone. 
    /// If, during zone creation ("ZoneCreate" operation of the R_Dnssrvoperation (section 3.1.4.1) method call),
    /// a zone is placed into the directory partition that represents the default naming context because the correct 
    /// directory partition was not available at the time, the zone's DcPromo flag is set appropriately to reflect this. 
    /// While polling the directory server, and if the time elapsed since the last directory server polling operation 
    /// is more than 15 minutes, the server SHOULD check whether it is in RODC mode (a server is in RODC mode if ForceRODCMode 
    /// [section 3.1.1.1.1] is TRUE or fReadOnlyDC [section 2.2.4.2.2.3] is TRUE). 
    /// If the time elapsed is less than 15 minutes, or if the server is in RODC mode, the server MUST NOT perform the following operations. 
    /// If the server is not in RODC mode and if the DNS server discovers a zone with a nonzero DcPromo flag, the zone and the Zone 
    /// Access Control List (section 3.1.1) MUST be moved from their current location to the application directory partition 
    /// specified in the following table if that partition is now available.
    /// </summary>
    public enum DNSZoneDCPromoFlag {

        /// <summary>
        /// No change to existing zone storage.
        /// </summary>
        DCPROMO_CONVERT_NONE = 0x00000000,

        /// <summary>
        /// Zone is to be moved to the DNS domain partition. This is the partition in the Application Directory Partition Table (section 3.1.1) 
        /// that has the DNS_DP_DOMAIN_DEFAULT bit set in dwDpFlags (section 2.2.5.2.7.2). See DNS_ZONE_CREATE_FOR_DCPROMO (section 2.2.5.2.7.1).
        /// If DownlevelDCsInDomain is nonzero, the zone is to be stored in the directory partition that represents the default naming context. 
        /// See DNS_DP_LEGACY (section 2.2.7.1.1).
        /// </summary>
        DCPROMO_CONVERT_DOMAIN = 0x00000001,

        /// <summary>
        /// Zone is to be moved to the DNS forest partition. This is the partition in the Application Directory Partition Table (section 3.1.1) 
        /// that has the DNS_DP_FOREST_DEFAULT bit set in dwDpFlags (section 2.2.5.2.7.2). See DNS_ZONE_CREATE_FOR_DCPROMO_FOREST (section 2.2.5.2.7.1).
        /// </summary>
        DCPROMO_CONVERT_FOREST = 0x00000002
    }
    #endregion

    #region DNSZoneDynamicUpdate
    /// <summary>
    /// The DNS zone dynamic update configuration
    /// </summary>
    public enum DNSZoneDynamicUpdate : uint {
        /// <summary>
        /// Not enabled
        /// </summary>
        None = 0x00000000,

        /// <summary>
        /// Any host may perform dynamic updates (secure or non-secure)
        /// </summary>
        All = 0x00000001,

        /// <summary>
        /// Only secure dynamic updates are allowed (authenticated security principals, the owner of the record)
        /// </summary>
        SecureOnly = 0x00000002
    }
    #endregion

    #region DNSZonePropertyId
    /// <summary>
    /// The Id specifies the type of data in a dnsProperty's Data field
    /// https://msdn.microsoft.com/en-us/library/ee898559.aspx
    /// </summary>
    public enum DNSZonePropertyId : uint {

        UNSPECIFIED = 0x00000000,

        /// <summary>
        /// The zone type
        /// </summary>
        DSPROPERTY_ZONE_TYPE = 0x00000001,

        /// <summary>
        /// Specifies if dynamic updates are allowed
        /// </summary>
        DSPROPERTY_ZONE_ALLOW_UPDATE = 0x00000002,

        /// <summary>
        /// The time at which the zone's AllowUpdate property (section 3.1.1.2.1) was last changed from any value to ZONE_UPDATE_SECURE 
        /// Changes of the zone's AllowUpdate property to any other value MUST NOT cause a change to Time Zone Secured.
        /// The value is expressed as the number of seconds since 12:00 A.M. January 1, 1601 Coordinated Universal Time (UTC) 
        /// in unsigned 64-bit integer format. The default value of this property MUST be zero.
        /// If this zone is stored in the local directory server, then this value is initialized from and written to the "whenChanged" 
        /// attribute of the "dnsZone".
        /// </summary>
        DSPROPERTY_ZONE_SECURE_TIME = 0x00000008,

        /// <summary>
        /// The zone no refresh interval.
        /// </summary>
        DSPROPERTY_ZONE_NOREFRESH_INTERVAL = 0x00000010,

        /// <summary>
        /// The zone refresh interval.
        /// </summary>
        DSPROPERTY_ZONE_REFRESH_INTERVAL = 0x00000020,

        /// <summary>
        /// Specifies if aging is enabled
        /// </summary>
        DSPROPERTY_ZONE_AGING_STATE = 0x00000040,

        /// <summary>
        /// A list of DNS servers that will perform scavenging. The list is formatted as an IP4 ARRAY.
        /// </summary>
        DSPROPERTY_ZONE_SCAVENGING_SERVERS = 0x00000011,

        /// <summary>
        /// The time interval before the next scavenging cycle.
        /// </summary>
        DSPROPERTY_ZONE_AGING_ENABLED_TIME = 0x00000012,

        /// <summary>
        /// The name of the server that deleted the zone. The value is a null-terminated Unicode string. The server SHOULD ignore this value.
        /// </summary>
        DSPROPERTY_ZONE_DELETED_FROM_HOSTNAME = 0x00000080,

        /// <summary>
        /// A list of DNS servers that will perform zone transfers. The list is formatted as an IP4 ARRAY.
        /// </summary>
        DSPROPERTY_ZONE_MASTER_SERVERS = 0x00000081,

        /// <summary>
        /// A list of servers which MAY autocreate a delegation. The list is formatted as an IP4 ARRAY.
        /// </summary>
        DSPROPERTY_ZONE_AUTO_NS_SERVERS = 0x00000082,

        /// <summary>
        /// The flag value representing the state of conversion of the zone. See DcPromo Flag.
        /// </summary>
        /// <see cref="DNSZoneDCPromoFlag"/>
        DSPROPERTY_ZONE_DCPROMO_CONVERT = 0x00000083,

        /// <summary>
        /// A list of DNS servers that will perform scavenging. The list is formatted as a DNS_ADDR_ARRAY (section 2.2.3.2.3). 
        /// The DNS server MUST read and write the aipScavengeServers (section 2.2.5.2.4.1) setting using property Id 
        /// DSPROPERTY_ZONE_SCAVENGING_SERVERS and SHOULD also read and write the aipScavengeServers (section 2.2.5.2.4.1) 
        /// setting using property Id DSPROPERTY_ZONE_SCAVENGING_SERVERS_DA. 
        /// During read, if the property values are not identical, the DNS server SHOULD use the property value specified by this property Id.
        /// </summary>
        DSPROPERTY_ZONE_SCAVENGING_SERVERS_DA = 0x00000090,

        /// <summary>
        /// A list of DNS servers that will perform zone transfers. The list is formatted as a DNS_ADDR_ARRAY (section 2.2.3.2.3). 
        /// The DNS server MUST read and write this list using property Id DSPROPERTY_ZONE_MASTER_SERVERS and SHOULD also read and write 
        /// this list using property Id DSPROPERTY_ZONE_MASTER_SERVERS_DA. 
        /// During read, if the property values are not identical, the DNS server SHOULD use the property value specified by this property Id.
        /// </summary>
        DSPROPERTY_ZONE_MASTER_SERVERS_DA = 0x00000091,

        /// <summary>
        /// A list of servers which MAY autocreate a delegation. The list is formatted as a DNS_ADDR_ARRAY (section 2.2.3.2.3) 
        /// The DNS server MUST read and write this list using property Id DSPROPERTY_ZONE_AUTO_NS_SERVERS and SHOULD also read and write 
        /// this list using property Id DSPROPERTY_ZONE_AUTO_NS_SERVERS_DA. 
        /// During read, if the property values are not identical, the DNS server SHOULD<117> use the value specified by property Id.
        /// </summary>
        DSPROPERTY_ZONE_AUTO_NS_SERVERS_DA = 0x00000092,

        /// <summary>
        /// The DNS RPC Node Flags
        /// </summary>
        /// <see cref="DNSRPCNodeFlags"/>
        DSPROPERTY_ZONE_NODE_DBFLAGS = 0x00000100
    }
    #endregion

    #region DNSZoneType
    /// <summary>
    /// The type of the DNS zone
    /// </summary>
    public enum DNSZoneType : uint {

        /// <summary>
        /// This zone is used to store all cached DNS records received from remote DNS servers during normal query processing.
        /// </summary>
        DNS_ZONE_TYPE_CACHE = 0x00000000,

        /// <summary>
        /// The DNS server is a primary DNS server for this zone.
        /// </summary>
        DNS_ZONE_TYPE_PRIMARY = 0x00000001,

        /// <summary>
        /// The DNS server is acting as a secondary DNS server for this zone.
        /// </summary>
        DNS_ZONE_TYPE_SECONDARY = 0x00000002,

        /// <summary>
        /// Zone is a stub zone. It contains only those resource records that are necessary to identify authoritative DNS servers for that zone.
        /// </summary>
        DNS_ZONE_TYPE_STUB = 0x00000003,

        /// <summary>
        /// The DNS server is a forwarder for this zone. The server does not have authoritative information for resource records in this zone. 
        /// </summary>
        DNS_ZONE_TYPE_FORWARDER = 0x00000004,

        /// <summary>
        /// This zone is used to hold cached records for some implementation specific purpose.
        /// </summary>
        DNS_ZONE_TYPE_SECONDARY_CACHE = 0x00000005

    }
    #endregion

    #endregion

    #region Remote Desktop

    /// <summary>
    /// Specifies the definition of the values of the TSPropertyName CtxCfgFlags1
    /// </summary>
    [Flags]
    public enum CtxCfgFlags1 : uint {

        Undefined = 0x00000000,

        Unknown1 = 0x00000001,

        Unknown2 = 0x00000002,

        /// <summary>
        /// Indicates disable client audio redirection
        /// </summary>
        F1MSK_DISABLECAM = 0x00000004,

        /// <summary>
        /// Indicates display of the desktop wallpaper in the session has been disabled
        /// </summary>
        F1MSK_WALLPAPERDISABLED = 0x00000008,

        /// <summary>
        /// Indicates disable .exe file execution
        /// </summary>
        F1MSK_DISABLEEXE = 0x00000010,

        /// <summary>
        /// Indicates disable client clipboard redirection
        /// </summary>
        F1MSK_DISABLECLIP = 0x00000020,

        /// <summary>
        /// Indicates disable client printer (LPT) port redirection
        /// </summary>
        F1MSK_DISABLELPT = 0x00000040,

        /// <summary>
        /// Indicates disable client COM port redirection
        /// </summary>
        F1MSK_DISABLECCM = 0x00000080,

        /// <summary>
        /// Indicates disable client drive redirection
        /// </summary>
        F1MSK_DISABLECDM = 0x00000100,

        /// <summary>
        /// Indicates disable client printer redirection
        /// </summary>
        F1MSK_DISABLECPM = 0x00000200,

        /// <summary>
        /// Indicates to override a third-party GINA so that only the default GINA is used for the terminal server session
        /// fUseDefaultGina is supported only on Windows NT, Windows 2000, Windows XP, and Windows Server 2003.
        /// </summary>
        F1MSK_USEDEFAULTGINA = 0x00000400,

        /// <summary>
        /// Not used
        /// </summary>
        F1MSK_HOMEDIRECTORYMAPROOT = 0x00000800,

        /// <summary>
        /// Indicates the connection does not need encryption
        /// </summary>
        F1MSK_DISABLEENCRYPTION = 0x00001000,

        /// <summary>
        /// Indicates to force the client's redirected printer to be the default printer for the user
        /// </summary>
        F1MSK_FORCECLIENTLPTDEF = 0x00002000,

        /// <summary>
        /// Specifies to automatically redirect printers on the client so they are accessible to the user in the remote terminal server session
        /// </summary>
        F1MSK_AUTOCLIENTLPTS = 0x00004000,

        /// <summary>
        /// Specifies to automatically redirect local drives on the client so they are accessible to the user in the remote terminal server session
        /// </summary>
        F1MSK_AUTOCLIENTDRIVES = 0x00008000,

        /// <summary>
        /// Indicates that a user cannot log on to a session remotely
        /// fLogonDisabled is only supported on Windows NT, Windows 2000, Windows XP, and Windows Server 2003
        /// </summary>
        F1MSK_LOGONDISABLED = 0x00010000,

        /// <summary>
        /// indicates that the user can reconnect from any client computer to a disconnected session
        /// </summary>
        F1MSK_RECONNECTSAME = 0x00020000,

        /// <summary>
        /// Log off the session when the idle timers for the session expire. Otherwise, the session will be disconnected when the timer expires.
        /// </summary>
        F1MSK_RESETBROKEN = 0x00040000,

        /// <summary>
        /// Ignore the credential sent from the client and always prompt for a password
        /// </summary>
        F1MSK_PROMPTFORPASSWORD = 0x00080000,

        /// <summary>
        /// Indicates the use of security settings from the user properties if the machine/user policy is not set
        /// </summary>
        F1MSK_INHERITSECURITY = 0x00100000,

        /// <summary>
        /// Indicates the value to use for fAutoClientDrivers and fAutoClientLpts from the user properties if the machine/user policy is not set
        /// </summary>
        F1MSK_INHERITAUTOCLIENT = 0x00200000,

        /// <summary>
        /// Indicates the value to use for MaxIdleTime from the user properties if the machine/user policy is not set
        /// </summary>
        F1MSK_INHERITMAXIDLETIME = 0x00400000,

        /// <summary>
        /// Indicates the value to use for MaxDisconnectionTime from the user properties if the machine/user policy is not set
        /// </summary>
        F1MSK_INHERITMAXDISCONNECTIONTIME = 0x00800000,

        /// <summary>
        /// Indicates the value to use for MaxSessionTime from the user properties if the machine/user policy is not set
        /// </summary>
        F1MSK_INHERITMAXSESSIONTIME = 0x01000000,

        /// <summary>
        /// Indicates the value to use for Shadow from the user properties if the machine/user policy is not set
        /// </summary>
        F1MSK_INHERITSHADOW = 0x02000000,

        /// <summary>
        /// Indicates the value to use for CallbackNumber from the user properties if the machine/user policy is not set
        /// Not used by Remote Desktop Services
        /// </summary>
        F1MSK_INHERITCALLBACKNUMBER = 0x04000000,

        /// <summary>
        /// Indicates the value to use for Callback from the user properties if the machine/user policy is not set.
        /// Not used by Remote Desktop Services
        /// </summary>
        F1MSK_INHERITCALLBACK = 0x08000000,

        /// <summary>
        /// Indicates the value to use for InitialProgram from the user properties if the machine/user policy is not set
        /// </summary>
        F1MSK_INHERITINITIALPROGRAM = 0x10000000,

        Unknown20000000 = 0x20000000,

        Unknown40000000 = 0x40000000,

        Unknown80000000 = 0x80000000,

    }

    /// <summary>
    /// Specifies the encryption level of the remote desktop connection
    /// </summary>
    public enum CtxEncryptionLevel : uint {

        Undefined = 0,

        /// <summary>
        /// DES 56
        /// </summary>
        Low = 1,

        /// <summary>
        /// Use the client encryption level
        /// </summary>
        ClientCompatible = 2,

        /// <summary>
        /// 128 bit
        /// </summary>
        High = 3,

        /// <summary>
        /// FIPS Federal Information Processing Standard
        /// </summary>
        FIPS = 4
    }

    /// <summary>
    /// Specifies the value of the settings for input and permission on the user account Remote Control tab
    /// </summary>
    public enum RemoteControlSettings : uint {

        /// <summary>
        /// Remote control disabled
        /// </summary>
        Disable = 0,

        /// <summary>
        /// Interaction with the user session enabled/permission required
        /// </summary>
        EnableInputNotify = 1,

        /// <summary>
        /// Interaction with the user session disabled/permission not required
        /// </summary>
        EnableInputNoNotify = 2,

        /// <summary>
        /// Interaction with the user session disabled/permission required
        /// </summary>
        EnableNoInputNotify = 3,

        /// <summary>
        /// Interaction with the user session enabled/permission not required
        /// </summary>
        EnableNoInputNoNotify = 4,
    }

    /// <summary>
    /// Specifies the action to take when a session is disconnected
    /// </summary>
    public enum RemoteDesktopDisconnectAction : uint {

        Undefined,

        /// <summary>
        /// Disconnect the session
        /// </summary>
        Disconnect,

        /// <summary>
        /// Logoff the session
        /// </summary>
        Logoff
    }

    /// <summary>
    /// Specifies if reconnecting to a session is allows from any client or only the originating client
    /// </summary>
    public enum RemoteDesktopReconnectAction : uint {

        Undefined,

        /// <summary>
        /// Allow reconnection from any client
        /// </summary>
        FromAnyClient,

        /// <summary>
        /// Allow reconnection only from the originating client
        /// </summary>
        FromOriginatingClientOnly
    }

    /// <summary>
    /// Describes the TSProperty that may be present in the userParameters attribute
    /// </summary>
    public enum TSPropertyNames {

        Undefined,

        /// <summary>
        /// It indicates presence of valid TSProperty structures in TSPropertyArray. 
        /// If the TSPropertyArray does not contain a TSProperty structure containing this PropName and PropValue, 
        /// Terminal Services ignore the remaining contents of TSPropertyArray. 
        /// The PropValue field can only contain value 0xB00B1E55.
        /// 32-bit unsigned integer
        /// </summary>
        CtxCfgPresent,

        /// <summary>
        /// Each bit in the PropValue maps to a Boolean field of the USERCONFIG structure returned by the RpcGetConfigData method. 
        /// For details about each bit, see the table of CtxCfgFlags1 values
        /// 32-bit unsigned integer
        /// </summary>
        CtxCfgFlags1,

        /// <summary>
        /// The callback class for callback operations.
        /// 32-bit unsigned integer
        /// </summary>
        CtxCallBack,

        /// <summary>
        /// The keyboard layout (HKL) of the user session.
        /// 32-bit unsigned integer
        /// </summary>
        CtxKeyboardLayout,

        /// <summary>
        /// The minimum allowed encryption level of the user session.
        /// The minimum allowed encryption level. Possible numeric values for this parameter include 1 (Low), 2 (Client Compatible), 3 (High), and 4 (FIPS). 
        /// 8-bit unsigned integer
        /// </summary>
        CtxMinEncryptionLevel,

        /// <summary>
        /// The NetWare logon server name.
        /// 32-bit unsigned integer
        /// </summary>
        CtxNWLogonServer,

        /// <summary>
        /// This attribute specifies the home directory for the user. Each user on a terminal server has a unique home directory. 
        /// This ensures that application information is stored separately for each user in a multi-user environment. 
        /// To set a home directory on the local computer, the implementer specifies a local path; for example, C:\Path. 
        /// To set a home directory in a network environment, the implementer MUST first set the CtxWFHomeDirDrive property, 
        /// and then set this property to a Universal Naming Convention (UNC) path.
        /// Variable-length ASCII character array
        /// </summary>
        CtxWFHomeDir,

        /// <summary>
        /// This attribute specifies a home drive for the user. In a network environment, this property is a string containing a drive 
        /// specification (a drive letter followed by a colon) to which the UNC path specified in the TerminalServicesCtxWFHomeDir property 
        /// is mapped. To set a home directory in a network environment, the implementer MUST first set this property, and then set the 
        /// CtxWFHomeDir property.
        /// Variable-length ASCII character array
        /// </summary>
        CtxWFHomeDirDrive,

        /// <summary>
        /// This attribute specifies the path and file name of the application that the user requires to start automatically when the user 
        /// logs on to the terminal server. To set an initial application to start when the user logs on, the implementer MUST first set this
        /// property, and then set the CtxWorkDirectory property. If the implementer sets only the CtxInitialProgram property, the application 
        /// starts in the user's session in the default user directory.
        /// Variable-length ASCII character array
        /// </summary>
        CtxInitialProgram,

        /// <summary>
        /// This attribute specifies the maximum duration (in milliseconds) of the Terminal Services session. 
        /// After the specified number of milliseconds has elapsed, the session can be disconnected or terminated.
        /// 32-bit unsigned integer
        /// </summary>
        CtxMaxConnectionTime,

        /// <summary>
        /// This attribute specifies the maximum amount of time (in milliseconds) that a disconnected Terminal Services session remains active on the terminal server.
        /// After the specified number of milliseconds has elapsed, the session is terminated.
        /// 32-bit unsigned integer
        /// </summary>
        CtxMaxDisconnectionTime,

        /// <summary>
        /// This attribute specifies the maximum amount of time (in milliseconds) that the Terminal Services session can remain idle. 
        /// After the specified number of milliseconds has elapsed, the session can be disconnected or terminated.
        /// 32-bit unsigned integer
        /// </summary>
        CtxMaxIdleTime,

        /// <summary>
        /// This attribute specifies a roaming or mandatory profile path to use when the user logs on to the terminal server. 
        /// The profile path is in the following network path format: \\servername\profiles folder name\username.
        /// Variable-length ASCII character array
        /// </summary>
        CtxWFProfilePath,

        /// <summary>
        /// This attribute specifies whether to allow remote observation or remote control of the user's Terminal Services session. 
        /// The values are as follows:
        /// 0. Disable
        /// 1. EnableInputNotify
        /// 2. EnableInputNoNotify
        /// 3. EnableNoInputNotify
        /// 4. EnableNoInputNoNotify
        /// 32-bit unsigned integer
        /// </summary>
        CtxShadow,

        /// <summary>
        /// This attribute specifies the working directory path for the user. To set an initial application to start when the user logs on
        /// to the terminal server, the implementer MUST first set the CtxInitialProgram property, and then set this property.
        /// Variable-length ASCII character array
        /// </summary>
        CtxWorkDirectory,

        /// <summary>
        /// This attribute specifies the call back number provided to the user on the client side for technical support.
        /// Variable-length ASCII character array
        /// </summary>
        CtxCallbackNumber,

    }
    #endregion

}
